Pierluigi Paganini
November 02, 2018
Security experts from CISCO warn of a zero-day vulnerability that is being actively exploited in attacks in the wild. The flaw, tracked as CVE-2018-15454, affects the Session Initiation Protocol (SIP) inspection engine of Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD). The flaw could be exploited by a remote attacker to trigger a DoS condition […]
Pierluigi Paganini
October 29, 2018
Systemd is affected by a security vulnerability that can be exploited to crash a vulnerable Linux machine, and in the worst case to execute malicious code. An attacker can trigger the vulnerability using maliciously crafted DHCPv6 packets and modifying portions of memory of the vulnerable systems, potentially causing remote code execution. The flaw, tracked as CVE-2018-15688, […]
Pierluigi Paganini
October 19, 2018
Splunk recently addressed several vulnerabilities in Enterprise and Light products, some of them have been rated “high severity.” Splunk Enterprise solution allows organizations to aggregate, search, analyze, and visualize data from various sources that are critical to business operations. The Splunk Light is a comprehensive solution for small IT environments that automates log analysis and integrate […]
Pierluigi Paganini
October 11, 2018
Juniper Networks has released security updates to address serious vulnerabilities affecting the Junos operating system. This week, Juniper Networks has patched dozens of serious security provided security patches for each of them, the security advisories are available on the company website. The most severe flaw is probably the  CVE-2018-0049, which could be exploited by an attacker to […]
Pierluigi Paganini
September 24, 2018
A security researcher discovered a bug affecting Firefox on Mac, Linux, and Windows that could crash the browser and in some cases the underlying OS. The security researcher Sabri Haddouche from Wire discovered a bug that affects Firefox on Mac, Linux, and Windows that could crash the browser and in some cases the underlying PC. Haddouche was focusing its […]
Pierluigi Paganini
September 03, 2018
The Wireshark team has addressed three serious vulnerabilities that could be exploited by a remote unauthenticated attacker to crash the analyzer. The Wireshark development team has fixed three serious flaws that could be exploited by a remote unauthenticated attacker to trigger a DoS condition in the world’s most popular network protocol analyzer. The three vulnerabilities […]
Pierluigi Paganini
August 17, 2018
Linux kernel maintainers have rolled out security updates for two DoS vulnerabilities tracked as SegmentSmack and FragmentSmack. Linux kernel maintainers have released security patches that address two vulnerabilities, tracked as two bugs are known as SegmentSmack (CVE-2018-5390) and FragmentSmack (CVE-2018-5391). potentially exploitable to trigger a DoS condition. The vulnerabilities reside the Linux kernel’s TCP stack, an attacker can […]
Pierluigi Paganini
August 09, 2018
The Internet Systems Consortium (ISC) announced the presence of a serious flaw in the BIND DNS software that can be exploited by remote attackers to cause a denial-of-service (DoS) condition. The vulnerability tracked as CVE-2018-5740 was discovered by Tony Finch of the University of Cambridge. The flaw has been assigned a CVSS score of 7.5, the […]
Pierluigi Paganini
July 25, 2018
The Apache Software Foundation has rolled out security updates for the Tomcat application server that address several flaws. The Apache Software Foundation has released security updates for the Tomcat application server that address several vulnerabilities, including issues that trigger a denial-of-service (DoS) condition or can lead to information disclosure. Apache Tomcat is an open-source Java Servlet Container that implements […]
Pierluigi Paganini
June 21, 2018
Cisco released security patches for more than 30 vulnerabilities, including five Critical arbitrary code execution issues affecting the NX-OS Software Cisco released security patches for more than 30 vulnerabilities including five Critical arbitrary code execution issues affecting the NX-API feature of NX-OS Software (CVE-2018-0301) and the Fabric Services component of FXOS Software and NX-OS Software […]
